DFiNE
/
OdenseTrack
Watch 1
Star 1
Fork 0
Code Issues 3 Pull Requests 0 Releases 2 Wiki Activity
Browse Source

Update to upload, so tinymce also uses random generated names

tags/rls1
kenn408k 6 years ago
parent
44f0d7d8c7
commit
5a38a8a17d
2 changed files with 14 additions and 7 deletions
Split View Show Diff Stats
  1. 1
    1
      classes/upload.class.php
  2. 13
    6
      handleUpload.php

+ 1
- 1
classes/upload.class.php View File 

@@ -10,7 +10,7 @@ class Upload {
10 10
11 11 
     }
12 12
13 
-    private static function generateRandomString($length = 5) {
13 
+    public static function generateRandomString($length = 5) {
14 14 
         // Function to generate a random string of 5 chars.
15 15 
         $characters = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ'; // Chars to use
16 16 
         $charactersLength = strlen($characters); // Check string length

+ 13
- 6
handleUpload.php View File 

@@ -18,10 +18,20 @@ $temp = current($_FILES);
18 18 
 if (is_uploaded_file($temp['tmp_name'])) {
19 19
20 20 
     if (!User::checkLevel("75")) {
21 
-        header("HTTP/1.1 403 Origin Denied");
21 
+        header("HTTP/1.1 403 Permission Denied");
22 22 
         return;
23 23 
     }
24 24
25 
+    // Set required variables.
26 
+    $ext = explode('.', $temp['name']); // end() doesnt like us using explode directly.
27 
+    $extension = strtolower(end($ext)); // Get the extension of the file.
28 
+    $randomname = Upload::generateRandomString(); // We give our file a random name - It will be this.
29 
+
30 
+    // Check if filename exists, and regenrate until it doesnt.
31 
+    while (IS_FILE($cwd . '/' . Config::$file_path . $randomname . '.' . $extension)) {
32 
+        $randomname = Upload::generateRandomString();
33 
+    }
34 
+
25 35 
     // Sanitize input
26 36 
     if (preg_match("/([^\w\s\d\-_~,;:\[\]\(\).])|([\.]{2,})/", $temp['name'])) {
27 37 
         header("HTTP/1.1 400 Invalid file name.");
 
@@ -35,14 +45,11 @@ if (is_uploaded_file($temp['tmp_name'])) {
35 45 
     }
36 46
37 47 
     // Accept upload
38 
-    $filetowrite = $imageFolder . $temp['name'];
48 
+    $filetowrite = $imageFolder . $randomname .'.'. $extension;
39 49 
     move_uploaded_file($temp['tmp_name'], $filetowrite);
40 50
41 51 
     // Respond to the successful upload with JSON.
42 
-    // Use a location key to specify the path to the saved image resource.
43 
-    // { location : '/your/uploaded/image/file'}
44 
-
45 
-    echo json_encode(array('location' => Config::$sys_url . Config::$file_path . $temp['name']));
52 
+    echo json_encode(array('location' => Config::$sys_url . Config::$file_path . $randomname .'.'. $extension));
46 53 
 } else {
47 54 
     // Notify editor that the upload failed
48 55 
     header("HTTP/1.1 500 Server Error");

Write Preview
Loading…
Cancel
Save